04-03-2003 10:08 AM - edited 07-04-2021 08:37 AM
Is there a tool or possibly a feature within Cisco's ACS that will help Identify any APs being added to the network (friend or foe?) Any URL to such an item welcome to discuss such a tools limiations.
Thanks
04-06-2003 01:33 PM
Q: What client version is required for the detection of non-leap ap's
(Tattle Tale)? when will this version be posted to CCO?
A: The client firmware that provides the LEAP "tattle tale" feature will
available in future .
The AP will receive a "Potential Rogue AP" message, which falls into "Protocol Alert" category- "Event Disposition" level for Protocol Alert would need to be set to higher level (4=notify) in order to generate SNMP traps.
For detailed information on this topic please refer the Rogue AP Detection and Mitigation Application Note which is available from the Enterprise Solutions Engineering home page, http://wwwin.cisco.com/ent/ese/ by clicking the Wireless and Design Guidance links
----------------------------------------------------------
Preventing Rogue Access Points
The first priority for enterprise IT security departments should be to prevent rogue APs in the first place.
·
**Create and publish policy banning employee installations of WLAN equipment
·
**Physical security of enterprise premises
·
**Provide a supported WLAN infrastructure removing the motivation for employee installs
·
**Implement IEEE 802.1x Port Based Security
·
**Use Catalyst Switch filters
-----------------------------------------------------
Detecting Rogue APs
In addition to the rogue AP prevention mechanisms mentioned above, a combination of the following rogue AP detection methods should also be used by the IT security administrator;
· Detecting Rogue APs Wirelessly
· Detecting Rogue APs from the wired network
· Detecting Rogue APs by Physical Observation
Nilesh
04-08-2003 03:33 PM
Where does this "client" reside on AP or only on Cisco Wireless NICs?
It appears "clients" report back to AP's and APs send SNMP trap to system to identify the rouge AP, is that right?
Well, instead of asking 10 more questions, could you please reply with another URL reference if there is one for this "Tattle Tale"? FYI, your other URL fails at this time, even though I suspect that only references the ladder items in your first response.
Anyway, thanks for anything else you can provide!!!
04-10-2003 07:02 AM
have alook at www.isomair.com
04-10-2003 07:03 AM
have alook at www.isomair.com
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: